This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
  • RSA.com
  • Products
    • Archer®
      • Archer®
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Knowledge Base
      • Archer® Exchange
      • Training
      • Upcoming Events
      • Videos
    • RSA® Fraud & Risk Intelligence Suite
      • RSA® Fraud & Risk Intelligence Suite
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Web Threat Detection
      • Upcoming Events
      • Videos
    • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Cloud
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Events
      • Ideas
      • Knowledge Base
      • Training
      • Upcoming Patch Content
      • Videos
    • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication Mobile SDK
      • Advisories
      • Events
      • Ideas
      • Knowledge Base
      • Request Access
      • Training
    • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Events
      • Ideas
      • Knowledge Base
      • Training
      • Videos
    • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Events
      • Ideas
      • Knowledge Base
      • Training
      • Videos
    • RSA® Adaptive Authentication for eCommerce
      • RSA® Adaptive Authentication for eCommerce
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Ideas
      • Knowledge Base
      • Training
      • Videos
    • RSA® FraudAction Services
      • RSA® FraudAction Services
      • Advisories
      • Discussions
      • Documentation
      • Ideas
      • Videos
    • RSA® Web Threat Detection
      • RSA® Web Threat Detection
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Knowledge Base
      • Videos
    • RSA NetWitness® Platform
      • RSA NetWitness® Platform
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Integrations
      • Knowledge Base
      • Training
      • Upcoming Events
      • Videos
    • RSA NetWitness® Detect AI
      • RSA NetWitness® Detect AI
      • Documentation
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
    • RSA NetWitness® Investigator
      • RSA NetWitness® Investigator
      • Documentation
      • Download the Client
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
    • RSA NetWitness® Orchestrator
      • RSA NetWitness® Orchestrator
      • Overview
      • Documentation
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
    • RSA SecurID® Suite
      • RSA SecurID® Suite
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Knowledge Base
      • Ideas
      • Integrations
      • Training
      • Videos
    • RSA® Identity Governance & Lifecycle
      • RSA® Identity Governance & Lifecycle
      • Advisories
      • Blog
      • Community Exchange
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Knowledge Base
      • Training
      • Upcoming Events
      • Videos
    • RSA SecurID® Access
      • RSA SecurID® Access
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Integrations
      • Knowledge Base
      • Training
      • Upcoming Events
      • Videos
    • Other RSA® Products
      • Other RSA® Products
      • RSA® Access Manager
      • RSA® Data Loss Prevention
      • RSA® Digital Certificate Solutions
      • RSA enVision®
      • RSA® Federated Identity Manager
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
  • Resources
    • Advisories
      • Product Advisories on RSA Link
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Hosted
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Product Advisories
    • Blogs
      • Blogs on RSA Link
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Blogs on RSA Link
    • Discussion Forums
      • Discussion Forums
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Discussion Forums on RSA Link
    • Documentation
      • Product Documentation
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Documentation on RSA Link
    • Downloads
      • Product Downloads
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Downloads on RSA Link
    • Ideas
      • Idea Exchange
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Documentation on RSA Link
    • Knowledge Base
      • Knowledge Base
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Knowledge Base Pages on RSA Link
    • Upcoming Events on RSA Link
      • Upcoming Events
    • Videos
      • Videos on RSA Link
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Videos on RSA Link
  • Support
    • RSA Link Support
      • RSA Link Support
      • News & Announcements
      • Getting Started
      • Support Forum
      • Support Knowledge Base
      • Ideas & Suggestions
    • RSA Product Support
      • RSA Product Support
      • General Security Advisories and Statements
      • Product Life Cycle
      • Support Information
      •  
      •  
      •  
      •  
      •  
  • RSA Ready
  • RSA University
    • Certification Program
      • Certification Program
    • Course Catalogs
      • Course Catalogs
    • On-Demand Subscriptions
      • On-Demand Subscriptions
      • Archer®
      • RSA NetWitness® Platform
      • RSA SecurID® Suite
    • Product Training
      • Product Training
      • Archer®
      • RSA® Fraud & Risk Intelligence Suite
      • RSA® Identity Governance & Lifecycle
      • RSA NeWitness® Platform
      • RSA SecurID® Access
    • Student Resources
      • Student Resources
      • Access On-Demand Learning
      • Access Virtual Labs
      • Contact RSA University
      • Enrollments & Transcripts
      • Frequently Asked Questions
      • Getting Started
      • Learning Modalities
      • Payments & Cancellations
      • Private Training
      • Training Center Locations
      • Training Credits
      • YouTube Channel
    • Upcoming Events
      • Upcoming Events
      • Full Calendar
      • Conferences
      • Live Classroom Training
      • Live Virtual Classroom Training
      • Webinars
Sign In Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

RSA Link website migration to new platform is in progress

View Status

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
  • RSA Link
  • :
  • Products
  • :
  • Other RSA Products
  • :
  • RSA enVision
  • :
  • Discussions
  • :
  • CISCO IPS integration with envision 4.1 VM deploym...
  • Options
    • Subscribe to RSS Feed
    • Mark Topic as New
    • Mark Topic as Read
    • Float this Topic for Current User
    • Bookmark
    • Subscribe
    • Mute
    • Printer Friendly Page
RamiAlfarhan
RamiAlfarhan Beginner
Beginner
‎2012-11-26 02:30 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

CISCO IPS integration with envision 4.1 VM deployment

Dears;

I am using envision 4.1 virtual deployment in my environment, I need to integrate CISCO IPS 4270 V7.0 to envision, after going through the steps provided by the device configuration document; the device dose not appear, noting that the following error messages appeared:

 

subscription request failed

asynchronous error 12175 from winhttpsendrequest (https://w.x.y.z:443/cgi-bin/sdee-server/...)

 

so can any body tell me what I can do to complete the integration.

 

BR

Rami

  • Tags:
  • cisco_ips
  • Community Thread
  • Discussion
  • enVision
  • envision_4.1
  • Forum Thread
  • RSA enVision
  • sdee
0 Likes
Share
Reply
  • All forum topics
  • Previous Topic
  • Next Topic
9 Replies
DelfinAbzueta
DelfinAbzueta Beginner
Beginner
‎2012-11-27 01:45 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Hi Rami,

 

Do you check the connectivity between RSA enVision machine and the Cisco IPS device over port 443?

Do you check the SSL certificate on the CISCO IPS device are valid?

Do you check the user and password used to access data from RSA enVision into CISCO IPS are correct?

Do you create the access list on CISCO IPS to authorize the access from RSA enVision into the CISCO IPS device?

Do you started the rdep-event-server in CISCO IPS device?

Do you put the Cisco Secure Ids.txt into the \default_NIC_directory\csd\config\sdees\templates\ directory?

 

 

Please Let me know the results.!

 

Delfin Abzueta.

0 Likes
Share
Reply
RamiAlfarhan
RamiAlfarhan Beginner
Beginner
In response to DelfinAbzueta
‎2012-11-27 02:42 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Hi Delfin;

thank you for your response, answers for your Qs are:

Do you check the connectivity between RSA enVision machine and the Cisco IPS device over port 443?

 

I tried to telnet the IPS on port 443; the connection was successful, I also installed firefox on the envision VM and tried to get the XML file from the IPS through its web server and it was successful after providing the user and pass, noting that the same test on IE8 (because we have win server 2008 R2 SP1 64bit) was failed.

 


Do you check the SSL certificate on the CISCO IPS device are valid?

 

I do not know how to test the certificate, but it is ok from firefox, also when I connected to the IPS by firefox I exported the certificate and installed it to certificate manager mmc.

 

Do you check the user and password used to access data from RSA enVision into CISCO IPS are correct?

 

yes

 

Do you create the access list on CISCO IPS to authorize the access from RSA enVision into the CISCO IPS device?

 

yes, and I accessed the IPS xml by firefox from envision it self.

 

Do you started the rdep-event-server in CISCO IPS device?

 

yes

 

Do you put the Cisco Secure Ids.txt into the \default_NIC_directory\csd\config\sdees\templates\ directory?

 

yes

 

Thank You

BR

Rami

0 Likes
Share
Reply
RSAAdmin
RSAAdmin Beginner
Beginner
‎2012-11-29 11:48 AM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Hi Rami,

 

There are some registry tweaks documented in the enVision 4.1 SP1 Release Notes.  Download that document and search for SDEE.  Changing those values should get you going.  Let me know if that works for you or not.

0 Likes
Share
Reply
DelfinAbzueta
DelfinAbzueta Beginner
Beginner
In response to RamiAlfarhan
‎2012-11-29 01:08 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Hi Rami,

 

Do you look for errors on SDEE device conection in NIC System LOG??? You can get useful information there.!

0 Likes
Share
Reply
RamiAlfarhan
RamiAlfarhan Beginner
Beginner
In response to DelfinAbzueta
‎2012-12-02 05:04 AM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Dear Delfin;

 

sorry for being late; But I cannot find the release notes for envision 4.1 SP1, the available one is for envision 4.1 only.

 

BR

Rami

0 Likes
Share
Reply
RSAAdmin
RSAAdmin Beginner
Beginner
In response to RamiAlfarhan
‎2012-12-03 01:28 AM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Rami,

 

4.1 SP1 release notes are available in SCOL (Secur Care Online). Did you check in SCOL ?

 

Regards

Biju Vasudevan

0 Likes
Share
Reply
RamiAlfarhan
RamiAlfarhan Beginner
Beginner
In response to RSAAdmin
‎2012-12-03 07:12 AM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

******A Winhttpsendrequest error may be noted when the SDEE Collection Service is started****

Tracking Number: ENV-40884

Problem: When the SDEE collection service is started when an SDEE event source is added, Winhttpsendrequest

     error messages may be generated. This may occur on both Windows 2003 and Windows 2008.

Workaround: On Windows 2003, you must:

     Add the registry key UseScsvForTls under

     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL and set the value to

     1.

On Windows 2008, you must:

     1. Add the registry key UseScsvForTls under

     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL and set the

     value to 1.

     2. Modify the registry key FIPSAlgorithmPolicy value from 1 to 0 under

     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa

0 Likes
Share
Reply
DelfinAbzueta
DelfinAbzueta Beginner
Beginner
In response to RamiAlfarhan
‎2012-12-03 09:19 AM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Rami

 

This case is very interesting. Do you add the key values to Windows Registry? Did this work?

 

Thanks for sharing your experience.

0 Likes
Share
Reply
AmrIsmail
AmrIsmail Beginner
Beginner
In response to DelfinAbzueta
‎2013-01-30 03:26 AM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

I am facing same problem even after applying the registry tweeks

 

I have the error

 

9

2013/01/30 11:35:12.551 EET

  1. 192.168.250.50

%NIC-3-603923: SDEE, SDEE, -, -, -, -, Detail: 4044: 1CF14A54C6374768832D61E40FA6C029: 192.168.250.231: Error: Asynchronous error 12002 from WinHttpSendRequest (https://192.168.250.231:443/cgi-bin/sdee-server?action=open&idsAlertSeverities=informational+low+med...)

0 Likes
Share
Reply
Powered by Khoros
  • Products
  • Resources
  • Solutions
  • RSA University
  • Support
  • RSA Labs
  • RSA Ready
  • About RSA Link
  • Terms & Conditions
  • Privacy Statement
  • Provide Feedback
© 2020 RSA Security LLC or its affiliates.
All rights reserved.